<?php
	
	include 'conf/conf.inc.php'; 
	include 'connect/connect.php';
	
	$acao = '';
	if (isset($_GET["acao"]))
		  $acao = $_GET["acao"];
	
	if ($acao == "logoff"){
		session_start();
		session_destroy();
		header("location:login.php");	
	}else{
		if (isset($_POST["acao"])){
			$acao = $_POST["acao"];
			if ($acao == "login"){
				$user = $_POST['user'];
				$senha = $_POST['pass'];
				logar($user,$senha);
			}
		}
	}
	
	function logar($user,$senha){
		include 'conf/conf.inc.php'; 
		include 'connect/connect.php';
				
		$sql = "SELECT * FROM VENDEDOR WHERE USUARIO = \"$user\"";
		//echo $sql;
		$result = mysql_query($sql, $link);
		$senhaBD = "";
		$nomeUsuario = "";

		while ($row = mysql_fetch_array($result)){
			$senhaBD = $row['senha'];
			$nomeUsuario = $row['nome'];
		}
		
		$senha = md5($senha);
				
		if ($senha == $senhaBD){
			session_start();
			$_SESSION['usuarioLogado'] = $nomeUsuario;
			header("location:index.php");	
		}else 
			header("location:login.php");					
	}

?>	